All geek questions in one place

Android DefaultHttpClient accepts all certificates for SSL session reference

I am trying to connect to a local HTTPS server using apache DefaultHttpClient on an Android device.

 DefaultHttpClient httpclient = new DefaultHttpClient();
 HttpPost httppost = new HttpPost("http://192.168.1.121:4113/services");
 ... header and content filling in ...
 HttpResponse response = httpclient.execute(httppost);

I get the error "javax.net.ssl ​​SSLException: untrusted server certificate" when starting .execute. I want to just let any certificate work, regardless of whether it is in the Android keychain or not.

I spent about 40 hours studying and trying to figure out a workaround for this problem. I saw many examples of how to do this, but so far no one has worked in Android; they seem to work only for java. Does anyone know how to configure or override the certificate verification used by Apache HttpClient on Android, so that it simply approves all certificates for the default HttpClient connection?

Thank you for your kind reply

+3
source share
2 answers

If someone is still trying to figure this out, I decided to go with this solution:

HTTPS GET (SSL) with Android and a self-signed server certificate

Scroll to the solution to SimonJ. This is a simple direct solution to this problem.

+2

http://blog.antoine.li/index.php/2010/10/android-trusting-ssl-certificates/

Apache HttpClient , SSLSocketFactory ( , BouncyCastle).

, . , .

+1

Source: https://habr.com/ru/post/1768174/

More articles:


All Articles